Be Careful with GIDs in Rails

https://blog.julik.nl/2025/12/a-trap-with-global-ids

44•julik•1mo ago

Comments

moondowner•1mo ago

Any popular Rails apps that use to_global_id?

kayodelycaon•1mo ago

The built-in ActiveJob api uses them.

rmosolgo•1mo ago

Shopify: https://shopify.dev/docs/api/usage/gids#global-id-structure

hahahacorn•1mo ago

Shopify https://shopify.dev/docs/api/usage/gids

rco8786•1mo ago

Almost any modern rails apps that have a job queue will use this at some point

philipallstar•1mo ago

This title is odd, given the actual identified problem seems to be LLMs writing code.

claudiug•1mo ago

yeah, but if you say LLM is shit, and not rails... goodbye views :)

hopeless•1mo ago

A bit of a bizarre post since to_sgid has existed forever to generate signed global ids. Global IDs are probably one the most powerful and underrated features of Rails but regular global ids are only supposed to be used internally (e.g. job params) and never sent to the client.

If there’s a gotcha it’s that _signed_ global ids are only signed, not encrypted, and very few people seem to know about the optimised method (globalid::Locator.locate_many) for loading a batch of global ids

kayodelycaon•1mo ago

Rails is a dangerous place to be throwing random data into APIs.

recursive•1mo ago

Also all the other places are too.

usernamed7•1mo ago

the AI hallucinated and somehow it's rails fault?

GID's are great - i think the issue is with how they leveraged rubyLLM for something they should inherently not be using LLMs for.

> Remember that GIDs were made for facilitating ActiveJob serialization - they are a system-level facility, not a product-level facility.

I think this is somewhat obvious given the signature like gid://awesome-app/Post/32; there is no scoping to the user or account so it should be treated like a global lookup. If you need scoping to a user/account you can build that.

Honestly I think this is a matter of the author using poor design decisions and over leveraging LLMs. But this is not the fault of Rails, it is working as expected.

Be careful with LLMs!

config_yml•1mo ago

> GIDs are not checked for authorization when doing the lookup - they are meant to be generated above the authorization layer, and to be consumed above the authorization layer

Then the problem with this post boils down to applying the authorization layer in any tool call, just like you do in controllers. Seems obvious?

jeremy_k•1mo ago

Agreed. Seems like the author tried to get fancy using GIDs with LLMs to cut down on the logic in their tool calls and opened a can of worms.

otikik•1mo ago

If you don't want invoice 22 to be shown by someone putting 22 on the url, you definetly need to enforce permissions on your app. The Global ID issue is tangential to that.

jsmith45•1mo ago

Sure but the real concern of the article that if passed "gid://moneymaker/Invoice/22ecb3fd-5e25-462c-ad2b-cafed9435d16" the global id locator will effectively locate "gid://moneymaker/Invoice/22". Which is to say, that what is supposed to be a system-generated id which has no need for de-slugification, uses the same lookup method as is normally used for URLs which attempts to de-slugify.

Obviously, this means that first gid was bogus anyway, as it was trying to look up via the wrong key, but the fact that it doesn't fail, and will instead return the record with primary key "22" can certainly be surprising.

tyrellj•1mo ago

The original comment is valid though, this has nothing to do with GIDs, standard /:id/ routes, and Model.find() can suffer the same issue. Probably because "22ecb3fd-5e25-462c-ad2b-cafed9435d16".to_i is still 22?

julik•1mo ago

Yes, you need both

rco8786•1mo ago

So....LLMs can hallucinate GIDs. I hope that everyone is aware of that.

yetanotherjosh•1mo ago

I struggle to understand what this specifically has to do with rails or global IDs. In ANY framework or query system, if you are asking an LLM to produce IDs which you are then passing to a database for lookup, you need to understand those identifiers could be hallucinated or incorrect in surprising or malicious ways, and can lead to data leaks or exfiltration.

It's like writing an article about "the dangers of PostgreSQL" ... when generating SQL from an LLM. It has nothing to do with Postgres specifically, it's that you're generating queries to run in a trusted context from an untrustable origin.

axelthegerman•1mo ago

Or more like "be careful with the power you give your LLMs"

What Is Ruliology?

Jon Stewart – One of My Favorite People – What Now? With Trevor Noah Podcast [video]

P2P crypto exchange development company

Vocal Guide – belt sing without killing yourself

Write for Your Readers Even If They Are Agents

Knowledge-Creating LLMs

Maple Mono: Smooth your coding flow

Sid Meier's System for Real-Time Music Composition and Synthesis

Show HN: Slop News – HN front page now, but it's all slop

Show HN: Empusa – Visual debugger to catch and resume AI agent retry loops

Show HN: Bitcoin wallet on NXP SE050 secure element, Tor-only open source

White House Explores Opening Antitrust Probe on Homebuilders

Show HN: MindDraft – AI task app with smart actions and auto expense tracking

How do you estimate AI app development costs accurately?

Going Through Snowden Documents, Part 5

Show HN: MCP Server for TradeStation

Canada unveils auto industry plan in latest pivot away from US

The essential Reinhold Niebuhr: selected essays and addresses

Rentahuman.ai Turns Humans into On-Demand Labor for AI Agents

StovexGlobal – Compliance Gaps to Note

Show HN: Afelyon – Turns Jira tickets into production-ready PRs (multi-repo)

Trump says America should move on from Epstein – it may not be that easy

Tiny Clippy – A native Office Assistant built in Rust and egui

LegalArgumentException: From Courtrooms to Clojure – Sen [video]

US moves to deport 5-year-old detained in Minnesota

If you lose your passport in Austria, head for McDonald's Golden Arches

Show HN: Mermaid Formatter – CLI and library to auto-format Mermaid diagrams

RFCs vs. READMEs: The Evolution of Protocols

Kanchipuram Saris and Thinking Machines

Chinese chemical supplier causes global baby formula recall