Whether your application is running slow or needs to be upgraded to the latest Rails version, we've got you covered. We'll do a comprehensive audit of your application's code to make sure it's in tip-top shape for the long haul.
Here’s what you can expect:
- SQL Injection is when a user is able to manipulate a value which is used unsafely inside a SQL query. This can lead to data leaks, data loss, elevation of privilege, and other unpleasant outcomes.
- Command injections are when shell commands unsafely include user-manipulatable values in the code.
- Cross-Site Scripting (XSS for short) is a malicious attack that injects client-side executable code. Rails provides helper methods to fend these attacks off.
- Denial of Service can happen when user input is converted to a Symbol. When this is not restricted, an attacker could create an unlimited number of Symbols. We also check for unregulated expensive operations.
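To make the four checks above concrete, here is an added example (not the auditor's own tooling): a small heuristic scanner that flags one risky pattern per category next to its safer form. The regexes, `CHECKS`, `scan` and the sample lines are constructed for illustration and will miss many real cases.

```ruby
# Heuristic line scanner for the four categories listed above.
# Illustrative only: the patterns are assumptions, not a complete rule set.
CHECKS = {
  # String interpolation inside a query method's SQL fragment.
  sql_injection: /\b(?:where|order|find_by_sql|pluck|joins)\s*\(?\s*"[^"]*#\{/,
  # Interpolation into a single shell string or a backtick command.
  command_injection: /\b(?:system|exec|spawn)\s*\(?\s*"[^"]*#\{|`[^`]*#\{/,
  # Output explicitly marked as safe, which bypasses Rails' auto-escaping.
  xss: /\.html_safe\b|\braw[ (]/,
  # Request parameters converted straight to a Symbol.
  symbol_dos: /params(?:\[[^\]]+\])+\.to_sym\b/
}.freeze

# Constructed sample: each flagged line is followed by a safer equivalent.
SAMPLE = <<~'RUBY'
  User.where("name = '#{params[:name]}'")
  User.where("name = ?", params[:name])
  system("convert #{params[:file]} out.png")
  system("convert", params[:file], "out.png")
  <%= raw params[:bio] %>
  <%= params[:bio] %>
  sort = params[:sort].to_sym
  sort = %w[name email].include?(params[:sort]) ? params[:sort] : "name"
RUBY

# Returns an array of { line:, check: } hashes, one per matched pattern.
def scan(source)
  findings = []
  source.each_line.with_index(1) do |text, lineno|
    next if text.strip.start_with?("#") # skip Ruby comment lines
    CHECKS.each do |name, pattern|
      findings << { line: lineno, check: name } if text.match?(pattern)
    end
  end
  findings
end

if __FILE__ == $PROGRAM_NAME
  scan(SAMPLE).each { |f| puts "line #{f[:line]}: #{f[:check]}" }
end
```

Only the odd-numbered sample lines are flagged; the parameterized query, the argument-list form of `system`, the auto-escaped ERB output and the allow-listed sort value pass.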
2. Best Practices
- Checks for fat model/skinny controllers, scopes, scopes with lambda, default scopes, model creation scopes, skipping a filter.
- Model checks for basic & compound indices, protecting your attributes, using default database values, using callbacks properly, improving validation, database seeding.
- Checks for complex views, use of helpers, rendering content with partials, handling empty strings, using content_for, meta yield.
3. Architectural Checks
- Domain Modeling checks for optimized model relationships.
- Spaghetti SQL - checks for complex SQL queries where a full-text search tool such as Solr or ElasticSearch may be more appropriate.
- Transaction Blocks - checks for multiple record updates, needless nested transactions, proper rollbacks, transactions in controllers.
- Test Code Coverage - checks the overall test code coverage to ensure the application is thoroughly tested.
4. Performance Checks
- Optimizing N+1 Queries - checks for this serious performance problem.
- Caching - checks for the use of caching to speed up your application response time.
- Database Indexes - checks for indexes on foreign keys, columns that need to be sorted, lookup fields and columns that are used in a GROUP BY. These can improve the performance of SQL queries.