Articles on Rails

Unlocking Value with Bonsai: A Month in Technical Debt Remediation

Managing technical debt is a huge concern for businesses of all sizes. At, we understand the challenges of maintaining a healthy codebase while continuously delivering value to your users. That’s why we’ve introduced Bonsai, our fixed-cost, monthly maintenance service tailored to gradually alleviate technical debt. Join us as we take a deep dive into the value Bonsai brings to the table over the course of a month.

Read more

Can You Upgrade Rails in Increments?

Ruby on Rails is a powerful web application framework that has evolved over the years, with new versions bringing in features, improvements, and security updates. As your application matures, keeping it up-to-date with the latest Rails version becomes crucial. However, the prospect of upgrading an entire Rails application can be daunting. In this blog post, we’ll explore whether it’s possible to upgrade your Rails application in increments and how to go about it.

Read more

Managing Long-running Branches

In software development, there are instances where creating a long-running branch when working on a project will be considered by developers. Long-running branches have been debated a lot by many teams due to their risks mainly around but not limited to, dare I say it, merge conflicts.

However, it isn’t necessarily the evil it’s made out to be and when handled with care, they can present extreme value to a team. Even DHH argues the benefits of maintaining a ‘cohesive architecture’ in this article

Read more

Troubleshooting GitHub Actions with Rails and MySQL

Need help executing a GitHub Actions workflow for your Rails application, especially when dealing with a MYSQL database? Whether you’re just starting or transitioning from another CI service, navigating potential pitfalls can be challenging. If you’ve found yourself nodding along, then this blog post is tailored just for you.

Read more

Speeding Up Assets Precompilation

There has been a lot of conversations on social media about the “NoBuild” approach: using native browser features and plain CSS+JavaScript to avoid a precompilation step for our assets.

In many cases, it’s not easy to move to a “NoBuild” setup (and in some cases it’s not even possible depending on the application’s needs), and we can still aim to make the assets:precompile task as fast as possible if we can’t eliminate it.

In this article we’ll explore some areas for optimization using one of our applications.

Read more

How Do You Know When Your App is Not Compliant?

Ensuring that your company’s website is current with compliance standards is extremely important and essential for any Rails application. Operating with a compliant application guarantees security that can help with handling sensitive data and maintaining users’ trust. The more compliant your website is, the more secure it will be against data breaches, which helps users feel safe when they’re using it.

So what does it take to be compliant? In this article, we will focus on security and cover some indicators to help identify if your Rails app might not be compliant anymore.

Read more

How To Delay A Rails Upgrade

Maintaining an up-to-date Ruby on Rails application is crucial for performance, security, and feature enhancements. However, finding the time for a full-scale upgrade can be challenging. In this blog post, we’ll explore practical steps you can take to delay a Rails upgrade when you don’t have the immediate bandwidth but want to set the stage for a seamless process in the future.

Read more

Rails Performance Unveiled: Identifying Common Culprits

When it comes to improving application performance and areas to focus on, I would recommend looking at the APM data, and then deciding which areas to prioritize.

However this article isn’t about where to focus efforts, but rather a compilation of techniques to improve your application’s performance, from tackling common problems like N+1 queries and database indexing to leveraging the jemalloc memory allocator. Let’s look at these performance-boosting strategies designed to fine-tune your application.

Read more

How to use Brakeman to find Rails security vulnerabilities

Security is a huge concern for web applications. To protect your Rails app from potential vulnerabilities and threats, it’s essential to perform regular security assessments. Brakeman, a widely used static analysis tool for Ruby on Rails, can help you identify security vulnerabilities proactively.

In this article, we’ll explore how to use Brakeman to check your Rails app for security vulnerabilities.

Read more

A Comprehensive Guide to Our Roadmap Service

One of our biggest goals as a company is to aim for transparency and honesty when evaluating a project for an upgrade. We understand that the decision to hire an outside vendor versus doing it in house becomes a difficult one. To provide confidence and a clear path to completing an upgrade, before we even begin a project we invest time in doing a thorough investigation of the project to provide the most accurate and detailed game plan for an upgrade.

In this blog, we are going to break down our Roadmap service and explain how it can be used to guide you and your team to making decisions when it comes to upgrading your application.

Read more

How to Reduce The Cost of Upgrading Rails with

In the first article of this series, we discussed How Much Does It Cost to Upgrade Rails based on our historical data working on over 100 upgrade projects. In this article we’ll discuss how to minimize the cost once you’ve decided to move forward on an upgrade so your team can continue to focus on valuable product feature or roadmap work.

Working with our team of experts to upgrade your Rails application allows you to stay compliant and take advantage of the benefits and security updates of a supported version, while also letting your team focus on revenue-generating initiatives. Still, it can be a significant investment, especially, as we covered in the previous post, if your project requires a high level of manual QA, for example.

There are, however, ways to reduce the time (and therefore cost) it takes to upgrade your Rails application when working with an external team. In this article, we’ll cover a few different strategies. Does it mean you can’t upgrade unless you do all of this? No, it doesn’t. Being an Agile team allows us to adapt to your process and workflow and work with any team to get the upgrade done. However, employing at least one of these strategies can make your upgrade more cost-effective.

Read more

How Much Does it Cost to Upgrade Rails?

You’ve decided you need to prioritize upgrading Rails. Maybe it’s a compliance issue, you’re running a version that has reached EOL and need to upgrade to a more current one. Maybe you want to benefit from some of the new features more recent versions provide. Maybe you’ve noticed the old Rails version is getting in the way of your team’s productivity. Or maybe it’s something else.

Whatever the motivation may be, upgrading Rails can be a significant effort. As such, one of the key things to consider is how expensive will it be to get you from your current version to your target version. Regardless of whether you plan to handle the upgrade in house or outsource, how long it’ll take and, therefore, how much it’ll cost, are the key questions to answer.

We have invested more than 30,000 hours in total in upgrading Rails applications, having completed more than 100 upgrade projects. In this article, we’ll leverage our historical data and what we learned to help you answer this question: How much will this cost?

Read more

How ActionDispatch::Response#content_type Changed between Rails 5.2 to 6.1

If you have ever upgraded Rails from 5.2 to 6.0, you might have run into issues with changes that had been made to the value of ActionDispatch::Response#content_type between the two versions.

If you have been lucky, you might not have even noticed there was a problem until Rails 6.0, after coming across this deprecation message:

Rails 6.1 will return Content-Type header without modification. If you want just the MIME type, please use `#media_type` instead.

What happened with ActionDispatch::Response#content_type between Rails 5.2 to 6.1? In this article, we will go into some background to learn what this method does, look at the differences in ActionDispatch::Response#content_type’s return value between the several Rails versions, and how you can fix the problem if you come across it in your codebase.

Read more

Dealing With Schema Changes in Rails 7

When you upgrade a Rails application from Rails 6.1 to 7.0, you may suddenly see a lot of changes in the schema.rb file and wonder where those changes come from and how to deal with them.

In this post, we look at what those changes are, and how to deal with them when upgrading a Rails application.

Read more

Why You Might Not Want to Run `rails app:update`.

At, we don’t always run rails app:update in our process to upgrade Rails apps.

It might seem like a sacrilege - after all, that’s why the task was created, to make upgrading Rails as painless as possible, right? But we have found while upgrading dozens of applications that running rails app:update isn’t the best idea in all situations.

In this article, you will learn what rails app:update does, when it should not be used, and how to upgrade your Rails app without it.

Note: In Rails versions before 5.0, rails app:update was called rake rails:update.

Read more

How to run multiple versions of Rails on Heroku

Imagine having the ability to deploy the next version of Rails in a dual booted application on your Heroku staging server or review app before deploying it to production. This capability can help you avoid bugs and downtime in your live environment. In this blog post, we will guide you on how to deploy a Rails upgrade to a staging environment, allowing you to thoroughly test it before it goes live.

Read more

Safeguarding from Deprecation Regressions During an Upgrade

You are upgrading a Rails application. You finished fixing a deprecation warning and it’s not present anymore. You continue working on other tasks and one day you find out the deprecation is back in the codebase. New code was added using the deprecated behavior, but it was not detected and now it needs to be fixed again…

How can you prevent that from happening and, at the same time, let the team know?

Read more

The History of the Asset Pipeline

Over the years, Rails has been changing the default way to handle assets while also adding different alternative options at the same time.

At first there were static files, then Sprockets appeared, then we had a choice between Webpacker and Sprockets for a few years, now Webpacker is gone and importmaps are the default. But jsbundling-rails and cssbundling-rails are also official options.

Sound confusing? In this article we’ll try to explain the history of all these changes.

Read more

Fortify Rails - Defending Your Ruby on Rails Applications from Bad Actors

On Monday June 12th, 2023, partnered with Expedited Security to talk about how to secure your Ruby on Rails application.

In this free webinar Ernesto Tagwerker ( and Mike Buckbee (Expedited Security) discussed topics of interest related to Rails security (exploitable ActiveRecord code, vulnerable dependencies, botnets, DDoS, a breakdown of common threats, and more).

You’ll also get a sneak peak of Wafris, an Open Source service to prevent attackers and dark traffic to your application and of our new Rails Security Audit, a service to detect vulnerabilities and exploitable code in your app!

Read more

Readonly Associations and Upgrading to Rails 4

After upgrading your application from Rails 3 to Rails 4, you might start seeing the following deprecation warning if you are using the readonly option in an association.

DEPRECATION WARNING: The following options in your Company.has_many :users declaration are deprecated: :readonly. Please use a scope block instead. ...

In this blog post, we’ll discuss in detail what the readonly option is and how to handle the deprecation warning.

Read more

RailsConf 2023 and the Rails upgrade workshop

As always, RailsConf was a great experience this year. For the fourth time, we gave the Rails Upgrade Workshop. It was actually my 2nd time participating in running the workshop, and my co-worker, Fiona’s 1st time.

Each time we run the workshop, we like to bring in a new co-presenter, so different members of our team can have the opportunity to present at RailsConf.

Read more

Introduction to Rails Engines

Rails Engines are an architectural pattern that can be used to modularize a Rails application. They are self-contained applications that can be mounted within a larger Rails application. In this post, we will dive into the world of Rails Engines and explore what they are, how to create them, how to use them, when to use them, and why they are important.

Read more

Bonsai - Fixed-cost, Monthly Maintenance Service

Ever since we started offering productized Ruby and Rails upgrade services and upgrade roadmaps, we’ve been interested in helping as many people and companies as possible.

Unfortunately, in the past we’ve had to turn down companies who wanted to work with us but couldn’t secure the minimum monthly budget to work with our experts.

I’m pleased to announce that we’re now offering new opportunities for startups and small businesses to work alongside our team.

In this article, I will share a few new options to collaborate with our team of experts who specialize in technical debt remediation.

Read more

How to Fix Rails 6.1 Relation `merge` Deprecation

Recently, while working on a Rails 6.1 to 7.0 upgrade, we encountered the following deprecation warning regarding changes made to ActiveRecord::Relation’s merge method:

"Merging (#{node.to_sql}) and (#{ref.to_sql}) no longer maintains both conditions, and will be replaced by the latter in Rails 7.0. To migrate to Rails 7.0's behavior, use relation.merge(other, rewhere: true)."

In this article, we will talk about the expected behavior of merge, how it has changed and what to do in order to use the new behavior if you find yourself looking at this deprecation.

Read more

4 Essential Security Tools To Level Up Your Rails Security

At we love Ruby on Rails because it is so powerful: You can quickly create an application that is feature complete, stable, and secure

Unfortunately, maintaining a Rails application up to date and secure takes some effort.

In this blog post, we will cover a few Ruby gems and best practices that you can use to stay on top of your security, reliability, and stability needs.

Read more

The Dangerous Query Method Deprecation

Have you ever tried to update a Rails app from 5.2 to 6.0, or from 6.0 to 6.1? If so, you might have seen this deprecation:

DEPRECATION WARNING: Dangerous query method (method whose arguments are used as raw SQL) called with non-attribute argument(s): "random()". Non-attribute arguments will be disallowed in Rails 6.0. This method should not be called with user-provided values, such as request parameters or model attributes. Known-safe values can be passed by wrapping them in Arel.sql(). (called from ...)

Note: While this deprecation message mentions Rails 6.0 as the version where the behavior is disallowed, that change was postponed, so the deprecation also shows in Rails 6.0. The behavior is actually disallowed in Rails 6.1.

What does this deprecation mean exactly? In this article, I will explain that in plain English, what issue it is trying to prevent, and how to fix the problem if you come across it in your codebase.

Read more

7 Common Mistakes in Rails Upgrades

Ruby on Rails is a popular web application framework that is constantly evolving with new versions being released frequently. While upgrading to a newer Rails version can bring new features, better performance, and security patches/improvements, it can also be a challenging task.

In this blog post, we will discuss 7 common mistakes made while doing Rails upgrades and how to avoid them.

Read more

How to extend Rails associations

You might have extended classes or instances in Rails, but do you know you can also extend Rails associations?

class Account < ActiveRecord::Base
    has_many :people, -> { extending FindOrCreateByNameExtension }
Read more

Naming Things is Hard

In the developers’ world, there is a well known quote by Phil Karlton that goes There are only two hard things in Computer Science: cache invalidation and naming things. We usually think about that phrase in the sense that it’s hard to come up with a clear, descriptive, and concise name for the code we write (variables, methods/functions, modules/classes, etc), but sometimes, the perfect name we found can be a problem too.

Read more

JavaScript Test Code Coverage in Rails

In modern apps, it’s common to enhance the user experience with JavaScript. Whether it’s just some JavaScript sprinkles here and there or a full JS-based frontend, this is as important as your Ruby code when it comes to the app’s correct functionality. In this article we’ll show how to measure the test code coverage for the JavaScript code when running system/integration tests along with the Ruby code coverage.

Read more

Upgrading To Zeitwerk

Zeitwerk is the code autoloader and reloader that was integrated with Rails 6. Beginning in Rails 7, it will be the only codeloader option. As a result, upgrading to Zeitwerk will be an important step in getting your application ready for the next version of Rails. In this article, we’ll talk about upgrading your Rails 6 application from classic to zeitwerk mode.

Read more

Solving Dual Booting Issues when Changes aren't Backwards Compatible

One of the steps we recommend taking when doing an upgrade for any Rails version is to dual boot the application with your current Rails version and your next rails version.

This is important because it allows you to quickly run the test suite for both versions, having dual booting available allows you to debug and also revert to your current version in a much simpler fashion.

However, sometimes changes that you make for the new version of Rails may not be compatible with your current version of Rails. This means that you will need to use a few different techniques to get both versions to be able to use the dual booting and run smoothly.

Read more

How Fast is Ruby 3 on Rails?

If you’ve been following me awhile, you know that I was hired by AppFolio years ago to measure Ruby 3’s performance, especially on Rails. This has been a long trip. And that very first project is finally over: Ruby 3 exists and I can check its final, released Rails performance.

If you have been following along, the numbers in this post won’t surprise you. But it’s important to do the final measurement. If you haven’t been following, this will bring you up to date.

Read more

How to Upgrade Rails Without a Test Suite

Sometimes you will be caught between a rock and a hard place. For example: You really need to upgrade your Rails application because Heroku is discontinuing your stack in two weeks so you don’t have the time to write an entire test suite.

Sometimes the situation will be that your boss really needs you to upgrade Ruby or Rails to use a version that gets security updates and they won’t allow you to write tests beforehand.

This article will explain how to ship a Rails upgrade project without a test suite. If your application has no tests, you will learn how to upgrade without having to write tests first.

Read more

How to Pitch a Rails Upgrade to Your Boss (Without Any Tech Speak)

If you’re a developer you know the reasons why you should be using the latest Rails framework. You understand the implications of performance gains, dependency issues and unsupported versions.

But these big picture benefits get lost in translation when talking to non-technical executives. What they need to know is the business case for an upgrade, how the work will translate into increased revenue.

So, here is an article to use or forward to communicate why an upgrade should be a priority. We also wrote an article on the more technical reasons if you are interested.

Read more

The Complete Guide to Rails Shims

When upgrading a Rails application, you might find that sometimes functionality is extracted from Rails and moved into a new gem. These gems are called shims, and they will basically allow you to keep using an old functionality, once the core API takes that out. You can also find shims in form of monkey patches. In this case it’s functionality that you develop to make your migration easier.

In this article I will list some of the functionality of past versions of Rails that was extracted into gems.

Read more

How to Migrate your JavaScript from Sprockets to Webpacker

Back in 2011, Rails 3.1 introduced The Assets Pipeline feature using the Sprockets gem. This made it really easy to handle assets (images, fonts, JavaScript, CSS and more), solving many of the issues that developers had to face everyday.

In 2012, Webpack was released solving the same issues in a different way and in time became the most used solution to handle assets. And since Rails 6, Webpack became the default solution to handle JavaScript assets using the Webpacker gem on new Rails applications.

In this article I’ll explain the steps we took to migrate to Webpack to handle our JavaScript assets, and how we added support as a node module in our styleguide.

Read more

What's the Best EC2 Instance Type for Rails Apps?

Do you ever look at the list of Amazon EC2 instance types?. Those are sizes of virtual machine you can rent to run your code on. Well, okay, they’re groups of sizes, since each one of those headings has a bunch of different sizes of VM…

So what type of EC2 instances should you run your Rails app on?

The answer is simpler than it looks.

Do you love numbers? I love numbers. Do you hate numbers? Skip to the bottom, there’s a nice summary paragraph. Do you really really love numbers? There are raw data dumps including all my intermediate results.

Read more

How We Estimate The Size of a Rails Application

When inheriting a project or starting an upgrade, it is useful to understand how big and complex the application really is. So, what is a good way to understand whether a Rails application is tiny, medium, or huge?

The good news is that there are a couple of gems that make this easy for us.

In this article I will explain how you can use these gems to begin to understand the size and complexity of a Rails application.

Read more

What are the Code Coverage Metrics for Ruby on Rails?

At we are constantly looking at code coverage metrics for Ruby on Rails applications. It’s a key indicator for us. We even use that information to decide whether we work on a Rails upgrade project or not.

So, I was interested in seeing code coverage metrics for the Ruby on Rails framework. I couldn’t find any information about this online, so I decided to generate a few reports for each component.

This is an article about my process and my findings.

Read more

How to check if your test suite is ready for a Rails Upgrade

Having a clear idea of how much test coverage your Rails application has is really important. Especially if you are planning to upgrade to a newer version of Rails. A good test suite will tell you if your application is working as it did before the upgrade.

At, we recommend having at least 80% of your application covered before attempting to upgrade. A number lower than that would require you to make a lot more manual testing to ensure that the application is properly working after the upgrade. If your application doesn’t meet that number, we suggest to first spend some time improving the test suite before starting the upgrade.

In this article, I’ll show you how you can measure your test coverage using SimpleCov.

A quick note before starting: SimpleCov doesn’t work in projects with Ruby 1.8.7 or lower. If that’s your case, you can try rcov.

Read more

Upgrading a Large Rails Application from Rails 5.0 to 5.1

We recently collaborated with Procore on a Rails upgrade for their Rails application which allows teams in the construction industry to connect their entire business process.

We spoke with Andy Maltun, Procore’s VP of Software Engineering, about the work performed to help them upgrade their app to version 5.1. According to Maltun, Procore’s R&D department is large and complex. While Procore previously had handled their Rails upgrades internally, with so many teams working on the application, it caused a lot of disruption as each team would handle only part of the upgrade. Therefore, Maltun “wanted to take a different approach this time in an effort to centralize the update and minimize the project management overhead and disruption of teams.”

Read more

Two Commonly Used Rails Upgrade Strategies

Rails upgrades can be done in many different ways. Depending on the application that you want to upgrade, some ways make more sense than others. There are factors that determine which Rails upgrade strategy is the best for your case, like how big your application is, or how frequently changes are pushed to the master branch. In this article I’ll be covering two common Rails Upgrade strategies so you can decide which one is the best for your application.

Read more

How to Migrate from Capybara Webkit to Webdrivers

We all know testing is important. We have our unit tests and integration tests to make sure everything is working as expected. At OmbuLabs, we use Capybara for our integration tests so that we can interact with the app as a real user would.

This is the process we used to replace the capybara-webkit gem in a legacy project with a more modern approach that uses the webdrivers gem and a headless browser.

Read more

The Complete Guide for Deprecation Warnings in Rails

Deprecation warnings are a common thing in our industry. They are warnings that notify us that a specific feature (e.g. a method) will be removed soon (usually in the next minor or major version) and should be replaced with something else. Features are deprecated rather than immediately removed, in order to provide backward compatibility (a solution that works in both the current and the future version), and to give programmers time to implement the code in a way that follows the new standard.

In this guide we’ll show you what the workflow is that we use at to address deprecation warnings when we upgrade Rails applications.

Read more

Our Rails Upgrade Process: How to bundle update rails

We know that there are many challenges involved in a Rails upgrade project. Depending on how big your application is, how old your Rails version is and how well structured your code is, it can be difficult to perform that job and keep your sanity. If you don’t find a reliable and trustable process to guide you from version X to version Y, you can end-up in a nightmare.

The good news is that here at OmbuLabs, we have been upgrading Rails applications for over 10 years now and this gave us a know-how to define a process that has proven to be very effective. And today I want to share Our Rails Upgrade Process with you.

Read more

Why Is It Important to Upgrade Your Rails Application?

Technology evolves quickly. When you first created your Rails application, it’s likely you did it using the latest version of Rails. As time passes, however, new Rails versions come out and your application becomes more and more out of touch with the latest version. But why is this important? Why does it matter?

There are several different reasons to upgrade your Rails application. In this article, I’ll list what we consider to be the most important ones.

Read more

Merging Multiple SimpleCov Coverage Results

As part of our Roadmap service at, we analyze the test suite of the application we are auditing to give a proper estimate on how long it will take us to upgrade. One of the tools we use for this is SimpleCov.

Often times our clients use parallelization in their continuous integration tools. SimpleCov generates multiple .resultset.json files for the same codebase. However, our goal is to have a single .resultset.json for the whole application. In this blog post we are going to show you how we solved the problem.

Read more

How to Stay Up to Date with Your Rails Application

An outdated Rails application doesn’t happen overnight. In we work with a lot of clients who have outdated Rails applications and we help them upgrade to a newer Rails version. In this article I share some things that you could start doing to avoid falling out of date.

Read more

How to Upgrade Any Rails Application Using Docker

Every time we start a new Rails upgrade project, we need to setup a whole new environment in our local machines. Sometimes that leads us down the rabbit hole which ends up breaking our environment for other client projects.

After years upgrading Rails applications, we learned that the best way to isolate our client projects’ environments is using Docker.

That’s why we decided to use Docker and docker-compose for all of our client projects. This year I had the opportunity to share our process in a series of workshops: Upgrade Rails 101: The Roadmap to Smooth Upgrades

Read more

Cleaning up: ActiveRecord::Dirty 5.2 API Changes

This article takes a look at some of the changes to the ActiveRecord::Dirty module between Rails 5.1 and 5.2.

If you’re running Rails 5.1, you may have already seen some of the deprecation warnings related to the API changes contained in it. Most of them are behavior changes, and there are some new additions as well.

To better understand these modifications, we’ll take a look at sample projects in Rails 5.1 and Rails 5.2.

Read more

Upgrade Rails from 3.2 to 4.0

This article is part of our Upgrade Rails series. To see more of them, check our article title The Rails Upgrade Series.

A previous post covered some general tips to take into account for this migration. This article will try to go a bit more in depth. We will first go from 3.2 to 4.0, then to 4.1 and finally to 4.2. Depending on the complexity of your app, a Rails upgrade can take anywhere from one week for a single developer, to a few months for two developers.

Read more

Tips for Writing Fast Rails: Part 1

Rails is a powerful framework. You can write a lot of features in a short period of time. In the process you can easily write code that performs poorly.

At OmbuLabs we like to maintain Ruby on Rails applications. In the process of maintaining them, adding features and fixing bugs, we like to improve the code and its performance (because we are good boy scouts!)

Here are some tips based on our experience.

Prefer where instead of select

When you are performing a lot of calculations, you should load as little as possible into memory. Always prefer a SQL query vs. an object’s method call.

Read more

Tips for upgrading from Rails 3.2 to 4.0

There are already quite a few guides in the wild to help with the upgrade of Rails 3.2 to Rails 4.0.

The official Rails guide for upgrading from Rails 3.2 to 4.0 is very thorough. With the recent release of Rails 5.0, apps currently in production running Rails 3.2 should probably be updated to any stable Rails 4 release as soon as possible.

There is even an e-book about upgrading from Rails 3 to 4, which serves as a useful guide to make this upgrade easier, and also helps understand the advantages & disadvantages of this new (soon to be old) version.

However, if you’re using any non-standard gems, you’re mostly on your own. Some gems stopped being maintained before Rails 4 was released, as was the case with CanCan, a well known authorization library. After many open pull requests were left unmerged, CanCanCan was released. It is a community driven effort to have a semi-official fork of CanCan. It serves as a drop-in replacement for people who want to use CanCan after upgrading to Rails 4.

Read more
Get the book