- The best-governed language in all of software, and the best-governed web framework
- A huge ecosystem of libraries for everything from data science to email processing, that are (mostly) easy to read and modify and free from systemic security issues. And pretty much every major company with an API has an official Python library for that API.
- The standard language taught at most of the top CS programs around the world
- A web framework that's had almost no major security issues over the 10+ years its been around
What exactly would you get in terms of benefits from switching to Ruby? I'm not saying Ruby or Rails are bad tools, I just don't get why someone who already knew Python and Django would switch.
I get that if you run a dev shop it might be a better choice for just cranking out web apps as fast as possible for clients, but if you run an actual startup I don't see that the benefits of saving a couple lines of code would offset the costs of being locked into the ruby ecosystem.
> - A huge ecosystem of libraries for everything from data science to email processing, that are (mostly) easy to read and modify and free from systemic security issues. And pretty much every major company with an API has an official Python library for that API.
I disagree about this, there's not even a basic user signup flow plugin with page templates that would allow SSO and U2F, it was so when I was looking at it three months ago. With Flask I can use Flask-Security, Flask-Dance and I have user signup, pw resets, SSO. With CSRF protection out-of-box and bunch of other security features are easy to turn on compared to Django. What I did like about Django was the idea and maybe I would've liked Django-Admin if I didn't have to reinvent three wheels out of four.
There was a mailing list discussion about building U2F into Django, and I agree that should get done.
I don't know a ton about SSO, although I'm more skeptical about building it into Django only because there are many different ways you might want the business logic to work, so to me that suggests using a library for that might be more appropriate than having it built into the framework.
There's not even a good 3rd party library, I spent like a day testing all of them out and it's so cumbersome compared to what I had to do with Flask-Security and Flask-Dance.
Fair. I had the same issue a few weeks ago implementing OAuth as a provider. There is a library that is reasonably functional, but the documentation is so bad that if you followed it verbatim there would be huge security holes in your app.
I've spent years using Rails and about a year with Django. In general find Rails to be more logical and less cumbersome. Django feels more cobbled together than Rails, with less cohesiveness.
Sorry that these are fairly abstract statements without examples. I need to start tracking them.
I find this comment interesting because my experience is the exact opposite. (I won't bore you or tempt the trolls with details) I don't mean to downplay your experience at all. My working theory is that you just think the way the rails devs do and I think the way the Django devs do.
Could be. Could be that I have more experience with Rails and used it first. Maybe if I used Django first it'd be the other way around.
For the record I didn't want to do Rails work when I started, and begrudgingly accepted being called a Rails developer only after two years of experience.
Python is much easier to learn and most devs already know it. It fosters quick and simple code that is super easy to maintain, and python/django is a huge and accessible ecosystem.
I don't need to learn a new language I won't use for anything else, I don't need to learn a framework that is not as simple as its proponents describe. I also don't need to learn a new package manager or go digging for gems that do what I need.
If you aren't already invested in ruby, there is very little to gain as a web app developer. It would be a huge waste of time to drop django or flask and learn not only a new framework but also a language that is often described as cumbersome to use.
Ruby on rails might make sense if you already know it, but it makes little sense for anyone else to learn it these days.
