Sarah Chen

Production debugging is about logs that are searchable. Emit JSON with consistent keys (requestid, memberid, duration). Even if you later add Lograge, this structure maps cleanly.

When controllers become parameter jungles, use a form object. It centralizes coercion, validations, and save logic. This pattern is extremely effective for admin panels and multi-step flows.

Inventory systems are concurrency systems. Lock the row, verify available quantity, then write the reservation in the same transaction. It’s the simplest correct starting point.

Webhooks are a security boundary. Verify signatures with constant-time compare, include a timestamp window to prevent replay, and store processed event IDs to make handlers idempotent.

When cache structures change, you want to invalidate safely without flushing the world. Use a namespace version key (per feature) and incorporate it into cache keys.

Callback chains become spooky action at a distance. A simple in-app event bus keeps side effects explicit and testable. This isn’t about Kafka—it’s about clarity and seams.

Email issues are painful in production. Subscribe to mailer notifications and log message IDs, recipients, and durations. This gives you a lightweight audit trail without adding a heavy dependency.

A per-request statement_timeout is a great “seatbelt” for endpoints that can run bad queries when parameters are unexpected. You can set it for a block; Postgres enforces the wall clock limit.

Clients love predictable pagination. Provide Link headers and totals when feasible. This snippet shows a small helper that generates RFC5988-ish link headers for JSON endpoints.

Race conditions happen. The correct “find or create” in production uses a unique constraint and a retry on conflict, not a naive check-then-insert. Let the database serialize the race.

Authorization libraries are great, but you can also build a lightweight policy scope. The key is to keep it composable: a single public method that returns an ActiveRecord::Relation and nothing else.

Large CSV exports should not allocate huge strings. Use ActionController::Live to stream rows. Include a heartbeat and handle client disconnects gracefully. This is real-world Rails ops code.