Requesting new/improved guides -- CSP and Yarn/Webpacker

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Requesting new/improved guides -- CSP and Yarn/Webpacker

John Hinnegan
Hello all,

This is a request/suggestion for improving the rails guides in 2 places: around the content security policy and Yarn/webpacker workflow 

Background is that I've used (and love using) rails for years. I was working on other technologies for the past 2 years, so when I started a new project, I jumped from Rails 4 to Rails 5. I'm primarily a back-end developer, and have always just sort of cobbled together my front-ends. CSP and Yarn/Webpacker are really slowing me down, and there is very little documentation I've been able to find that can yelp.

Not being a JS guy, this is my first exposure to Yarn. I don't have experience with npm. There's no docs that I can find on how it's supposed to be working in Rails. There are almost no blog posts about it (yet). I am really just looking for a workflow I can follow: e.g. I found a JS library online, how am I supposed to get this working in Rails? So I can add a project to yarn, now what? I've been trying to figure out where the magic paths I see in the examples come from (e.g. instead of //= requires project-x, it's now //= requires project-x/dist/project-x or something).
It would be great to have a section in a guides that walks step by step on how to get a typical JS project from github running on your rails app. Ideally, this example would not be a framework (e.g. don't choose react as the example, maybe something like datepicker). I would also have expected some mention of this in the asset pipeline or working with javascript guides. 

The second issue I'm hitting is the content security policy. There is a section in the guides that mentions this, but I can't actually find any docs on what the options are and what they're doing. (Maybe they're there and I can't find them, but I've also looked through github, and none of the content_security_policy methods are documented.)

I really appreciate all the work that the people on this list do, and would just throw in a Thank You.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: Requesting new/improved guides -- CSP and Yarn/Webpacker

Douglas Lovell
+1 Similar experience.

There's actually too much information around the web about working in the ES6/Babel/Webpack/Yarn etc. ecosystem. Because of the rapid growth and change in that area, it's hard to sort out the current stuff. And finding that, it's hard to sort out the good current stuff. But possible. I always end up with dozens of open tabs.

Something simple and authoritative in the Rails Guide would be so great. Even if it's just the basics with pointers to the good, current, deeper documents. I wish I could write it.

On Monday, August 27, 2018 at 2:30:31 PM UTC-3, John Hinnegan wrote:
Hello all,

This is a request/suggestion for improving the rails guides in 2 places: around the content security policy and Yarn/webpacker workflow 

Background is that I've used (and love using) rails for years. I was working on other technologies for the past 2 years, so when I started a new project, I jumped from Rails 4 to Rails 5. I'm primarily a back-end developer, and have always just sort of cobbled together my front-ends. CSP and Yarn/Webpacker are really slowing me down, and there is very little documentation I've been able to find that can yelp.

Not being a JS guy, this is my first exposure to Yarn. I don't have experience with npm. There's no docs that I can find on how it's supposed to be working in Rails. There are almost no blog posts about it (yet). I am really just looking for a workflow I can follow: e.g. I found a JS library online, how am I supposed to get this working in Rails? So I can add a project to yarn, now what? I've been trying to figure out where the magic paths I see in the examples come from (e.g. instead of //= requires project-x, it's now //= requires project-x/dist/project-x or something).
It would be great to have a section in a guides that walks step by step on how to get a typical JS project from github running on your rails app. Ideally, this example would not be a framework (e.g. don't choose react as the example, maybe something like datepicker). I would also have expected some mention of this in the asset pipeline or working with javascript guides. 

The second issue I'm hitting is the content security policy. There is a section in the guides that mentions this, but I can't actually find any docs on what the options are and what they're doing. (Maybe they're there and I can't find them, but I've also looked through github, and none of the content_security_policy methods are documented.)

I really appreciate all the work that the people on this list do, and would just throw in a Thank You.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Core" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/rubyonrails-core.
For more options, visit https://groups.google.com/d/optout.