Shorts


TensorFlow Object Detection in PHP

The ONNX Runtime package makes it easy to run TensorFlow models in PHP. This short tutorial will show you how. It’s based on this tutorial from...

August 24, 2022


DVC on Heroku

DVC is a version control system for machine learning datasets and models. It allows you to store large files outside of Git while keeping them...

November 7, 2020


Git LFS on Heroku

Git LFS allows you to version large files while storing them outside of your Git repository. Heroku doesn’t have built-in support for it, so a few...

October 31, 2020


15 More ML Gems for Ruby

I’m happy to announce another round of machine learning gems for Ruby. Like in the last round, many use FFI or Rice to interface with high...

September 24, 2020


Ruby ML for Python Coders

Curious to try machine learning in Ruby? Here’s a short cheatsheet for Python coders. Data structure basics Numo: NumPy for Ruby Daru: Pandas for...

January 23, 2020


16 New ML Gems for Ruby

In August, I set out to improve the machine learning ecosystem for Ruby and wasn’t sure where it would go. Over the next 5 months, I ended up...

January 22, 2020


Daru: Pandas for Ruby

2023 Update: Check out Polars Ruby as well. NumPy and Pandas are two extremely popular libraries for machine learning in Python. Last post, we...

September 18, 2019


Numo: NumPy for Ruby

NumPy is an extremely popular library for machine learning in Python. It provides an efficient way to work with large, multi-dimensional arrays....

September 17, 2019


Emotion Recognition in Ruby

Welcome to another installment of deep learning in Ruby. Today, we’ll look at FER+, a deep convolutional neural network for emotion recognition...

September 13, 2019


Artistic Style Transfer in Ruby

The ONNX Model Zoo has a number of interesting pretrained deep learning models. Thanks to the ONNX Runtime, we can run them in Ruby. Today, we’ll...

September 11, 2019


TensorFlow Object Detection in Ruby

The ONNX Runtime gem makes it easy to run TensorFlow models in Ruby. This short tutorial will show you how. It’s based on this tutorial from...

August 28, 2019


Score Almost Any Machine Learning Model in Ruby

Ruby isn’t a common choice for machine learning, but companies running Ruby can get tremendous value from it. I’m happy to announce it’s now...

August 27, 2019


XGBoost and LightGBM Come to Ruby

I’m happy to announce that XGBoost - and its cousin LightGBM from Microsoft - are now available for Ruby! XGBoost and LightGBM are powerful machine...

August 19, 2019


Modern Encryption for Mongoid

I’m happy to announce that Lockbox now supports Mongoid. This makes it easy to add application-level encryption to your MongoDB documents. Blind...

August 16, 2019


Gem Patterns

I’ve created a few Ruby gems over the years, and there are a number of patterns I’ve found myself repeating that I wanted to share. I didn’t invent...

August 2, 2019


Introducing Searchkick Pro

Note: Searchkick Pro is no longer available. Searchkick makes it easy to add intelligent search to Rails applications. It was launched in 2013 back...

August 1, 2019


Lockbox: Now with Types

A new version of Lockbox was just released with support for types, making it easier to encrypt non-string fields. Previously, you’d need to perform...

July 22, 2019


Ruby with OpenSSL 1.1

Some Ruby features like scrypt and hkdf require OpenSSL 1.1. Here’s how to make it work on Mac: Install rbenv and OpenSSL 1.1 Install Ruby Open an...

July 11, 2019


Securing User Emails in Rails with Lockbox

This is an update to Securing User Emails in Rails with a number of improvements: Works with Devise’s email changed notifications Works with...

July 10, 2019


Blind Index 1.0

Blind indexing is an approach to securely search encrypted data with minimal information leakage. I’m happy to announce that Blind Index 1.0 was...

July 9, 2019


Modern Encryption for Rails

Encrypting sensitive data at the application-level is crucial for data security. Since writing Securing Sensitive Data in Rails, I haven’t been...

July 8, 2019


Why and How to Keep Your Decryption Keys Off Web Servers

Suppose a worst-case scenario happens: an attacker finds a remote code execution vulnerability and creates a reverse shell on one of your web...

March 28, 2019


Argon2 with Devise

bcrypt has been a great choice for safely storing passwords. However, as time has passed, a better alternative has emerged: Argon2. OWASP now...

March 23, 2019


Hybrid Cryptography on Rails

Hybrid cryptography allows certain servers to encrypt data without the ability to decrypt it. This can greatly limit damage in the event of a...

February 28, 2019


Introducing pdscan: Scan Your Data Stores for Unencrypted Personal Data

It's important to understand where personal data is stored in your applications. Personal data that’s not encrypted at the application level is...

February 25, 2019


Securing Sensitive Data in Rails

It feels like data breaches are showing up every week in the news. If you haven’t taken a second look at how you’re storing sensitive data, now is...

November 20, 2018


Postgres SSLMODE Explained

When you connect to a database, Postgres uses the sslmode parameter to determine the security of the connection. There are many options, so here’s...

November 18, 2018


Active Storage S3 Client-Side Encryption

Use client-side encryption to encrypt your data before sending it to S3. You can provide an encryption key to use directly or a KMS key for...

November 12, 2018


Scaling the Monolith

Many companies start out with a single web application. As the team and codebase grow, things feel less organized and common tasks like booting the...

November 7, 2018


Rails, Meet Data Science

Organizations today have more data than ever. Predictive modeling is a powerful way to use this data to solve problems and create better...

October 29, 2018


Introducing Archer: Rails Console History for Heroku, Docker, and More

Many companies today run infrastructure where machines or containers can be replaced at any time, so you can’t depend on them for permanent...

October 23, 2018


Strong Encryption Keys for Rails

Encryption is a common way to protect sensitive data. Generating a secure key is an important part of the process. attr_encrypted, the popular...

October 22, 2018


Verify Slack Requests in Rails

Slack signs its requests so you can verify they’re authentic. Here’s a method you can use in your Rails controllers for it. lock

September 14, 2018


Vault for PKI

Here’s how to use Vault for public key infrastructure. Update: Vault now has a great article on this Install the latest version of Vault and jq...

July 21, 2018


Backsolving in Ruby

QR decomposition is a stable way to solve linear regression. You can use the extendmatrix gem to do decomposition in pure Ruby. Givens rotations...

June 28, 2018


Jupyter + Rails

Jupyter notebooks are a great alternative to the Rails console for doing exploratory data analysis and building predictive models. Here’s how to...

June 19, 2018


Bulk Upsert in Ruby/Rails

The upsert gem is great for individual upserts, but for performant bulk upserts, use the activerecord-import gem. Add a unique index on the columns...

June 16, 2018


Securing User Emails in Rails

There is an updated version of this post. The GDPR goes into effect next Friday. Whether or not you serve European residents, it’s a great reminder...

May 14, 2018


Anonymizing IPs in Ruby

With the GDPR just around the corner, here are two useful ways to protect your users’ IP addresses. Both support IPv4 and IPv6, and are included in...

May 5, 2018


TPC-DS with Postgres

TPC-DS is a database benchmark. Create the database and load the schema Generate data Load the data Generate queries Run queries Bonus: Add Indexes...

April 29, 2018


TPC-H with Postgres

TPC-H is a database benchmark. Create the database and load the schema Generate data Load the data Generate queries Run queries Bonus: Add Indexes...

April 29, 2018


Package Your JavaScript Libraries With Rollup

Rollup is a great tool for building libraries. “Webpack for apps, and Rollup for libraries” Run: Add to package.json: Add dist/ to your .gitignore....

March 27, 2018


Securing Database Traffic with PgBouncer and Amazon RDS

Securing database traffic inside your network can be a great step for defense in depth. It’s also a necessity for Zero Trust Networks. Both Amazon...

November 27, 2017


Trying Out Vault for Postgres Credentials

Install Vault, as well as JQ for JSON parsing Start the dev server Then open another window. For this demo, we’ll create a new Postgres database....

November 5, 2017


A Short Guide to Metrics

Simple rules to follow when creating metrics Over time: You must see how metrics change over time. Ideally you can view them by day, week, and...

November 5, 2017


Client-Side Encryption with AWS and Ruby

AWS makes it easy to enable server-side encryption on many of its services, but it also provides ways to do client-side encryption well. Here are a...

September 23, 2017


PgHero 2.0 Has Arrived

It’s been over 2 years since PgHero 1.0 was released as a performance dashboard for Postgres. Since then, a number of new features have been added....

August 8, 2017


Introducing Dexter, the Automatic Indexer for Postgres

Your database knows which queries are running. It also has a pretty good idea of which indexes are best for a given query. And since indexes don’t...

June 26, 2017


Bootstrapping Postgres Users

Setting up database users for an app can be challenging if you don’t do it often. Good permissions add a layer of security and can minimize the...

May 23, 2017


New Rails App Checklist

How I personally start new apps Create Project Get the latest version of Rails Create a new app Don’t fret too much over the name - you can easily...

March 30, 2017


Just Table It

When it comes to data, you can mistakenly optimize by trying to choose the “right” technology for the job. Often, the best choice is right in front...

January 13, 2017


The Safely Pattern

The Safely Pattern is a simple one. It allows you to tag non-critical code by wrapping it in a function. It’s built on top of exception handling...

December 6, 2016


Large Text Indexes in Postgres

Note: This article was written for Postgres 9.6 and below. For Postgres 10+, use hash indexes instead. An index on a sufficiently large text column...

October 7, 2016


navigator.sendBeacon and Rails

navigator.sendBeacon is a neat new API. It allows you to send an asynchronous POST request without delaying the page unload. To prevent Can't...

September 1, 2016


Installing Presto for Mac

Presto is a “Distributed SQL Query Engine for Big Data” that gives you the ability to join across data stores! tada Server The easiest way to...

August 4, 2016


Google OAuth with Devise

Here’s a quick guide to setting up Google OAuth as your app’s exclusive authentication method Add to your Gemfile And run Create a User model In...

July 18, 2016


Hardening Devise

A few basic steps to make your Devise setup more secure lock Send notifications for important events Like a user changing his or her email or...

July 7, 2016


Error Reporting in R

R supports global error handling, making it easy to report all errors without individual tryCatch statements. Create a file to source at the start...

May 11, 2016


Startup Security

A few simple steps to keep you secure. Require 2-factor authentication for important accounts, like Gmail and GitHub. Require hard drives to be...

April 4, 2016


Learn Data Science

R and Python are two popular languages for data science. We use both at Instacart. This is a short guide for R. It’s quick and everything is...

January 12, 2016


Adding CSP to Rails

Content Security Policy can be an effective way to prevent XSS attacks. If you aren’t familiar, here’s a great intro. To get started with Rails,...

November 29, 2015


Security Checks

You should see verify return:1 for each certificate in the chain. Host header injection Read about it here. Your site is vulnerable if evilsite.com...

October 26, 2015


Data Science SQL

Root mean squared error Mean absolute error Mean error Median - get it here

September 10, 2015


Rails on Heroku

The official guide is a great place to start, but there’s more you can do to make life easier. tangerine Based on lessons learned in the early...

August 12, 2015


R and Database URLs

Note: This approach is now built into the dbx package To use a DATABASE_URL with R, do: Postgres MySQL cake

August 10, 2015


The Origin of SQL Queries

Do you know what part of your application is generating that time-consuming database query? There’s a much simpler way than grep. Add comments to...

July 15, 2015


irbrc

My simple ~/.irbrc

June 29, 2015


Dokku on DigitalOcean

droplet Your very own PaaS Create Droplet Create new droplet with Ubuntu 16.04. Be sure to use an SSH key. Install Dokku And visit your server’s...

May 31, 2015


Rails on Dokku

To open a Rails console, run: Migrations

May 31, 2015


Host Your Own Postgres

elephant Get running with the last version of Postgres in minutes Set Up Server Spin up a new server with Ubuntu 16.04. Firewall Automatic...

May 31, 2015


The Two Metrics You Need

When interviewing candidates for Instacart’s first site reliability engineer, I volunteered to cover monitoring as one of my topics. I’d start by...

April 30, 2015


Scaling Reads

Note: This approach is now packaged into a gem gem One of the easier ways to scale your database is to distribute reads to replicas. Desire...

March 31, 2015


PgBouncer Setup

In under 5 minutes Get Started Here’s the flow: You can install PgBouncer on the same server as Postgres or a separate server. For Amazon RDS, you...

March 31, 2015


attr_accessible to Strong Parameters

Running Rails 4 with attr_accessible? Upgrade in three safe and easy steps 1 First, log all instances of forbidden attributes. Add to...

March 31, 2015