I've seen this kind of code more times I'd want to take:

rescue => e
render json: { errors: e.message },
status: :internal_server_error

Capture all the possible exceptions. Why? Is it really needed or convenient?

Do not report the error back to the client, it open a big door to exploits.

Log everything? Looks like a good idea, but it might leak things like tokens, secrets(?) or PII.

If you see on the wild, ask questions, might had a reason.

Sign in to participate in the conversation

A Mastodon instance for Rubyists & friends