Ruby 2 was just released, and the new 'refinements' feature presents some interesting challenges for JRuby and just about anyone wanting to read Ruby code.  Brief chat about the regex security affecting Rails back in January, but more broadly speaking, what does this say about regex in general?  Should we embrace it, or find better alternatives?  Finally, I've got a new blog post up about web framework security - why do (almost) no web frameworks ship with security baked-in?


Ruby stuff:

Malloc stuff: