December 24th, 2013
(written by lawrence krubner, however indented passages are often quotes). You can contact lawrence at: firstname.lastname@example.org
50 minutes of Yehuda Katz talking about Rails. He says he wants to answer the accusation that there is too much bulk in Rails. He argues that much of that bulk is doing important stuff that you don’t know about, and that if they do their jobs intelligently, as designers of a framework, you should never have to think about all the cool stuff that the code is doing for you, but that you should be grateful that all that cool stuff is going on, in the code hidden away in the bulk of Rails. Then he covers stuff like protection from cross-site request forgery (CSRF) attacks.
I watched this and was still left thinking, why does all this junk need to be thrown together in a framework? I will never need this specific mix of gems, so why not just have list of recommended gems, and leave it at that? Why make a framework? Especially given my experience with Clojure, and its wonderfully composable libraries, I am left skeptical of frameworks.
Katz recognizes that there are many people on StackOverflow who complain about CSRF not working, and the common advice is to turn off CSRF protection — surely that by itself is proof that people should only turn this on when they need it?
He then spends some time talking about the way Rails standardizes on UTF-8 and how it will try to guess the encoding of a string, when the encoding is not known. I guess if I spent my time doing CRUD apps for corporations, then this would be interesting to me, but I don’t, so I don’t care. It is interesting to consider how much Rails has replaced Struts as the framework for corporate CRUD. Despite its reputation for being subversive and hipster, Rails is the new conservative choice.Source