(no title)

For example, built-in capabilities for authentication are limited: https://github.com/rails/rails/issues/50446

So then do you go with has_secure_password/etc., Devise, rodauth, authentication-zero, or something else? These are big decisions that then might affect other things like authorization, OAuth, PassKey, etc.

And that's authentication & authorization which are a relatively well-understood and maintained area, but other areas might have totally unmaintained gems that might have issues with recent versions of Rails, or native module compilation issues with more recent versions of operating systems, etc.

A lot of Rails guidance on blog posts and StackOverflow might be outdated.

This problem is not unique to Rails. I still think Rails is great and relatively vibrant. Nevertheless, I suggest being very wary of Rails guides, blog posts, and StackOverflow answers that are more than 1 year old and doing a careful study and inventory of gems before deciding to use them and reviewing their relative recent usage and activity.